# 負責系統管理者功能的控制器.
class UserController < ApplicationController
  
  # 登入.
  # 若登入成功, Session 內會多一個使用者編號.
  def login
    session[:user_id] = nil
    
    if request.post?
      user = User.authenticate(params[:name], params[:password])
      if user
        session[:user_id] = user.id
        uri = session[:original_uri]
        session[:original_uri] = nil;
        redirect_to uri
      else
        flash[:notice] = '錯誤的帳號或密碼'
      end
    end
    
  end
  
  # 登出.
  def logout
    session[:user_id] = nil
    flash[:notice] = '已登出'
    redirect_to :action => :login
  end
  
end
